<?php
// $token=new token();
// $token->valid_token();
class token{
	private $name;
	public function __construct($name='__hash__'){
		$this->name=$name;
		//如果token为空则生成一个token 
		if(!isset($_SESSION['token']) || $_SESSION['token']=='') { 
			$this->set_token(); 
		}
	}
	public function set_token() { 
		$_SESSION['token'] = md5(microtime(true)); 
	}
	public function get_token(){
		return isset($_SESSION['token'])?$_SESSION['token']:'';
	}
	public function valid_token() { 
		$return = $_REQUEST[$this->name] === $_SESSION['token'] ? true : false; 
		set_token(); 
		return $return; 
	}
	public function form(){
		return '<input type="hidden" name="'.$this->name.'" value="'.$this->get_token().'">';
	}
	
}